Viewing posts for the category Omarine User's Manual

Building a fault-tolerant firewall system with virtual machines: Routing

Routing is an interesting and important issue. Besides smoothing traffic, routing also determines the path of a packet so that the correct packet filtering can be performed.
We start from the client. There are two ways out from the client, so which way to go?


192.168.2.1 on the firewall machine fw-1 cannot be set as the client's default gateway, because the firewall machine fw-2 would then be completely disabled. Likewise, the firewall machine fw-2's 192.168.2.2 cannot be used. The solution is to use the virtual IP address 192.168.2.100 generated by the HA system. From the point of view of the HA system, all four machines above are real machines. It generates virtual IP addresses for automatic routing. If the firewall machine fw-1 is the primary firewall, the address 192.168.2.100 will be added to fw-1's eth1 interface.


So the client needs to create a route through the default gateway 192.168.2.100. You run this command:

Building a fault-tolerant firewall system with virtual machines: Testing spice agent and USB redirection

To see the effect of the spice agent and USB redirection, we practice the following tasks:

     1. Perform drag and drop to transfer the gnome-backgrounds-40.1-1.x86_64.rpm package from the client to the virtual machine
     2. Copy a text from the client and paste it into gedit's editing area on the virtual machine
     3. While working on the virtual machine, plug a USB stick whose label is DUMMY into the client machine. The label DUMMY then appears in the virtual machine's file browser as a new drive. Click it to open the USB drive

We also see no mouse capture and no need to release the mouse when switching between the client and the virtual machine.

Building a fault-tolerant firewall system with virtual machines: Network configuration using systemd

Almost any network configuration can be done using commands in the iproute2 package. For example, you can run the command below to rename the enp0s2 interface to eth0:

Building a fault-tolerant firewall system with virtual machines: Configuring X to use qxl video driver

Now we work on the fw-1 virtual machine. First, let's see which video driver qemu gives us in the kernel with the -vga qxl definition. You run this command:

Building a fault-tolerant firewall system with virtual machines: Accessing remote virtual machine

We are working on a remote physical machine named ngoc at 192.168.0.12. This machine acts as a client to access virtual machine fw-1 on host machine omarine at 192.168.0.3. The communication port is 3001, which we configured when setting up the fw-1 virtual machine in the previous post.
The access command is as follows: